AI agent security in SecOps: what changes for IAM teams?

TL;DR: AI agents now access sensitive data, invoke workflows, and make multi-step decisions across enterprise systems, creating a non-deterministic risk model that traditional security playbooks were not built to handle, according to Zenity. The governance problem is no longer discovery alone, but controlling behaviour that changes at runtime and spans systems, permissions, and data flows.

NHIMG editorial — based on content published by Zenity: Securing the AI That Runs the Enterprise: Zenity + ServiceNow SecOps

Questions worth separating out

Q: How should security teams govern AI agents that can act across multiple systems?

A: Security teams should govern AI agents as non-human identities with explicit ownership, scoped permissions, and continuous monitoring.

Q: Why do AI agents create blind spots for IAM and SecOps programmes?

A: AI agents create blind spots because they combine identity, decision-making, and action in one runtime subject.

Q: What breaks when AI agent permissions are not continuously reviewed?

A: What breaks is the assumption that the agent's risk profile stays fixed between review cycles.

Practitioner guidance

• Define agent inventory as a governance record Capture each agent's identity, owning workflow, permissions, APIs, data sources, dependencies, and external systems in one record so SecOps and IAM teams can investigate with context.
• Route agent drift into existing SecOps queues Send permission changes, prompt changes, integration failures, and unusual data access into the same case management and triage flow used for other security events.
• Review whether access review cycles fit agent behaviour Test whether your certification and recertification process can still answer who approved what when the subject can act, change scope, and complete tasks within a single runtime session.

What's in the full article

Zenity's full research covers the operational detail this post intentionally leaves for the source:

• Agent inventory fields and context mapping across workflows, APIs, permissions, and data sources
• AISPM workflow details for detecting misconfigurations, unsafe prompts, and integration weaknesses
• Continuous assessment patterns for tracking drift, risk scoring, and triage inside SecOps
• Cross-platform governance considerations for agents that operate outside a single system

👉 Read Zenity's analysis of SecOps-native AI agent security and governance →

AI agent security in SecOps: what changes for IAM teams?

Explore further

View Full Forum →  |  NHI Foundation Course →